HomeMergers & AcquisitionsLegal Due Diligence in M&A

Legal Due Diligence in M&A

Due diligence is a systematic review of the legal, financial and operational status of the target company. It is the foundation of every informed investment decision and a key instrument for identifying and managing risk in mergers and acquisitions transactions.

Scope of legal due diligence

Legal due diligence is an in-depth analysis of the legal position of the target company. The scope is determined by the nature of the transaction, the industry and the specific risks, but typically covers the following areas:

Corporate structure and governance

Review of entries in the Commercial Register and the Register of Non-Profit Legal Entities — articles of association, memorandum of association/charter, minutes of general meetings, resolutions of governing bodies, interim certificates and shares. The capital structure, the chain of share/equity transfers, transfer restrictions (right of first refusal, drag-along/tag-along clauses), and compliance with the requirements of the Commerce Act are analysed.

Material contracts

Review of all material contracts — client agreements, suppliers, distributors, franchise agreements, licence agreements, loan agreements and credit facilities. Particular attention is paid to change of control clauses, transfer restrictions and early termination provisions.

Real estate

Verification of ownership through searches in the Property Register and the Registry Agency — title deeds, property encumbrances, mortgages, established easements, lease and tenancy agreements. For agricultural land — compliance with the Agricultural Land Ownership and Use Act and restrictions on acquisition by foreign persons.

Litigation and arbitration proceedings

Identification of all pending, concluded and potential disputes — civil, commercial, administrative and criminal. Checks in the Unified Portal for Electronic Justice (UPEJ), searches for enforcement cases in the Central Register of Special Pledges (CRSP), liens and injunctions. Assessment of the likely financial consequences.

Employment relationships

Analysis of employment contracts, job descriptions, internal remuneration rules and internal labour regulations. Review of collective bargaining agreements (CBAs), trade union representation, reports to the Personal Data Protection Commission on the processing of personal data, as well as compliance with minimum staffing requirements and mandatory social security contributions. Verification of staffing schedules and actual headcount.

Intellectual property

Review of patents, utility models, trademarks and industrial designs with the Patent Office of the Republic of Bulgaria and EUIPO. Analysis of licence agreements, software licences, copyrights and know-how. Assessment of trade secret protection and compliance with Directive (EU) 2016/943.

Tax compliance

Review of tax returns, tax assessment acts and NRA inspection protocols for the past 5 years (considering the limitation periods under the Tax and Social Insurance Procedure Code — TSIPC). Analysis of transfer pricing in intra-group transactions, application of Double Tax Treaties (DTTs), the VAT regime and potential tax liabilities. Special attention to tax deferrals and the use of tax reliefs.

Environmental compliance

Review of permits under the Environmental Protection Act, the Clean Air Act and the Waste Management Act — integrated permits, EIA, emission permits, waste management. For industrial sites — assessment of potential soil and groundwater contamination.

Insurance coverage

Analysis of active insurance policies — property, professional liability, D&O (Directors & Officers), cyber risks. Assessment of the adequacy of coverage against identified risks.

Financial review

Although financial due diligence is typically carried out by auditors, the legal team analyses the financial statements from a regulatory compliance perspective — adherence to accounting standards (NAS or IFRS), audit obligations under the Accountancy Act, and proper disclosure of contingent liabilities.

Types of due diligence

Full (hard) due diligence

Exhaustive review of all legal aspects of the target company. Conducted in significant transactions where the buyer seeks maximum certainty. Typically takes 4-6 weeks and involves access to a virtual data room with complete documentation.

Limited (soft) due diligence

Focused review of selected areas — for example, corporate structure and material contracts only. Suitable for smaller transactions or when the buyer already knows the business. The timeframe is typically 2-3 weeks.

Reverse due diligence

Conducted by the seller before commencing the sale process. The aim is to identify and resolve potential issues that could reduce value or delay the transaction. Particularly recommended for structured sale processes (auctions).

Vendor due diligence

Prepared by the seller and provided to potential buyers. It has the character of an independent report and facilitates the process when there are multiple bidders.

Due diligence process

Due diligence follows an established procedure that ensures efficiency and protection of confidential information:

1. Non-Disclosure Agreement (NDA)

Before any information is disclosed, the parties sign a Non-Disclosure Agreement (NDA). The NDA governs the scope of confidential information, permitted use, the duration of the obligation and sanctions for breach. For transactions falling within the scope of Regulation (EU) No 596/2014 (MAR), the NDA must also contain clauses regarding inside information.

2. Preliminary agreement (Term Sheet / LOI)

Typically, the parties sign a non-binding letter of intent outlining the key parameters of the transaction — price or pricing mechanism, structure, conditions and timeline. The term sheet may also include exclusivity (lock-out) for the due diligence period.

3. Preparation of the virtual data room

The seller organises the documentation in a structured virtual data room (Datasite, Intralinks, Firmex, etc.). The standard structure follows internationally established indices. A well-organised data room significantly accelerates the process.

4. Investigation and analysis

The buyer's team reviews the documentation, prepares additional question lists (Q&A), holds meetings with management (management presentations) and external advisers. Simultaneously, searches are conducted in publicly available registers — the Commercial Register, Property Register, Patent Office, CRSP and UPEJ.

5. Due diligence report

The final deliverable is a written report summarising the findings, classifying the risks (critical / significant / low) and proposing specific recommendations — conditions precedent, representations & warranties, escrow or price adjustments.

Publicly available information and special rules

A significant portion of the required information is publicly available in Bulgaria:

  • Commercial Register and NPLE Register — articles of association, annual financial statements, registered facts, published acts
  • Property Register — ownership searches, property encumbrances, registrations
  • Patent Office — registered trademarks, patents, industrial designs
  • CRSP (Central Register of Special Pledges) — registered pledges on business enterprises, shares, receivables
  • UPEJ (Unified Portal for Electronic Justice) — pending court proceedings
  • Public Procurement Register — participation in public tenders and contract performance

Special rules for public companies

Due diligence on a public company is subject to additional requirements under Regulation (EU) No 596/2014 on market abuse (MAR). Access to inside information creates obligations for insider lists, a trading ban until public disclosure and a duty to notify the Financial Supervision Commission (FSC) in certain circumstances. Violations may result in administrative sanctions under Art. 24-25 of MAR and criminal liability under Art. 253 of the Criminal Code.

Typical risks (Red Flags)

Our experience shows that the most common problems during due diligence in Bulgaria include:

  • Incomplete corporate history — missing minutes of general meetings, untransferred shares, outdated entries in the Commercial Register
  • Change of control clauses — contracts with key clients or suppliers providing for automatic termination upon change of ownership
  • Tax risks — unconducted tax audits, irregular transfer pricing, unrecovered VAT
  • Employment violations — non-compliance with Labour Code procedures, unpaid social security contributions, unresolved employment disputes
  • Property issues — unresolved property rights, missing construction and operation permits, unauthorised construction
  • Regulatory non-compliance — expired licences, non-compliance with sector requirements (e.g. energy, telecommunications, financial services)
  • Hidden liabilities — contingent liabilities, guarantees, pledges and security interests not registered in the CRSP
  • Intellectual property issues — unregistered trademarks, missing licence agreements for key software

Our approach

The Innovires team approaches every due diligence with a combination of legal rigour and business pragmatism. We do not simply list risks — we assess them in the context of the specific transaction and propose practical solutions.

  • Adaptive scope — we tailor the scope of the review to the risk profile of the transaction, the industry and the client's priorities
  • Coordination with other advisers — we work in close collaboration with financial and tax advisers for a complete picture
  • Practical report — our report contains an executive summary, detailed analysis by area and specific recommendations for addressing the risks
  • Negotiation support — we use the due diligence findings to structure protective mechanisms in the share purchase agreement (SPA) — warranties, indemnities, escrow, conditions to closing
  • Experience in key sectors — technology, manufacturing, real estate, energy, financial services

Frequently asked questions

How long does due diligence take?
The duration depends on the scope and complexity of the transaction. Limited (soft) due diligence typically takes 2-3 weeks, while full (hard) due diligence may last 4-6 weeks. For public companies or regulated industries, the timeframe may be longer due to additional regulatory requirements. A key factor is also the seller's preparedness — a well-organised virtual data room significantly accelerates the process.
What if problems are discovered during due diligence?
Identified problems do not necessarily mean termination of the transaction. Depending on their severity, various risk management mechanisms exist: price reduction, inclusion of specific warranties and indemnities in the SPA, retention of part of the price in escrow, negotiation of conditions precedent — for example, remediation of a specific problem before closing. Only in the case of critical, irremediable risks (deal breakers) is withdrawal from the transaction recommended.
Is due diligence necessary for small transactions?
Due diligence is recommended for every transaction, regardless of size. For smaller transactions, the scope can be limited to key risk areas — corporate structure, material contracts, tax compliance and employment relationships. The cost of limited due diligence is incomparable to the potential losses from acquiring a company with hidden liabilities or legal problems. Many issues with small and medium enterprises in Bulgaria are related to informal practices that are not visible from the financial statements.

Need legal due diligence?

Our team will conduct a thorough review of the target company and provide you with a clear, practical report with specific recommendations for risk management.

Related services

M&A Deal Structuring

Share deal, asset deal, going concern and reorganisations

Regulatory Approvals

CPC, sector regulators and FDI screening

Post-Closing & Integration

Post-closing obligations, earn-out and integration